17 matches found
br.com.arsmachina:tapestry-url-rewriter (>=1.0.1 <=2.0.0), br.net.woodstock.rockframework:rockframework-web (>=1.2.1 <=1.2.2) +294 more potentially affected by CVE-2026-43515 via org.apache.tomcat:catalina (>=6.0.13 <=6.0.53)
org.apache.tomcat:catalina MAVEN version =6.0.13, =1.0.1, =1.2.1, =0.1, =7.12.0, =1.0.0, =1.0.3, =9.0.3, =9.0.3, =0.7.1, =1.5, =1.8.2, =0.9.0, =1.0.0 and more Source cves: CVE-2026-43515 Source advisory: SNYK:JAVA-ORGAPACHETOMCAT-16690891...
EUVD-2016-6346
Malware in sbrugna...
CVE-2025-26157
A SQL Injection vulnerability was found in /bpms/index.php in Source Code and Project Beauty Parlour Management System V1.1, which allows remote attackers to execute arbitrary code via the name POST request parameter...
xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285)
It was found that xstream API version 1.4.10 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. This is a regression of...
xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285)
It was found that xstream API version 1.4.10 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. This is a regression of...
CVE-2019-10173
It was found that xstream API version 1.4.10 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. This is a regression of...
Apache CXF CVE-2018-8039 TLS Hostname Verification Security Bypass Vulnerability
Description Apache CXF is prone to a security-bypass vulnerability. Successfully exploiting this issue may allow attackers to obtain sensitive information by conducting a man-in-the-middle attack. This may lead to other attacks. The following versions of product are vulnerable: Apache CXF 3.1.16...
CVE-2016-5401
Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page...
Cross site request forgery (csrf)
Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page...
CVE-2016-5401
Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page...
CVE-2016-5401
CVE-2016-5401 is a CSRF vulnerability in Red Hat JBoss BRMS and BPMS 6. The flaw allows remote attackers to hijack user authentication to perform state-changing requests on the affected application via a crafted web page. Connected sources confirm the affected products are JBoss BRMS/BPMS 6, but ...
Red Hat JBoss BPMS Cross-Site Request Forgery Vulnerability
Red Hat JBoss BPMS is a business process management platform from Red Hat that combines all the features of JBoss BRMS. The platform provides additional support for modeling, automation, simulation, and business process monitoring. A cross-site request forgery vulnerability exists in Red Hat JBos...
CVE-2016-5401
Cross-site request forgery (CSRF) vulnerability in Red Hat JBoss BRMS and BPMS 6 allows remote attackers to hijack the authentication of users for requests that modify instances via a crafted web page...
PT-2015-3347
Name of the Vulnerable Software and Affected Versions Red Hat JBoss A-MQ versions 6.x Red Hat BPM Suite BPMS versions 6.x Red Hat BRMS versions 5.x and 6.x Red Hat Data Grid JDG versions 6.x Red Hat Data Virtualization JDV versions 5.x and 6.x Red Hat Enterprise Application Platform versions 4.3....
Appian Business Process Management Suite 5.6 Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26913/info Appian Business Process Management Suite BPMS is prone to a remote denial-of-service vulnerability because it fails to handle specially crafted packets. Successfully exploiting this issue allows remote attacker...
IBM BPMS 8.0.0.1 Privilege Escalation / Disclosure
IBM BPMS version 8.0.0.1 suffers from account reconfiguration, privilege escalation, and information disclosure vulnerabilities. Exploit Title: IBM BPMS BPM User account reconfiguration/Privilege Escalation/Information Disclosure Date: 31.01.14 Exploit Author: 0in Software link:...
IBM BPMS 8.0.0.1 Privilege Escalation / Disclosure
Exploit Title: IBM BPMS BPM User account reconfiguration/Privilege Escalation/Information Disclosure Date: 31.01.14 Exploit Author: 0in Software link: http://www-03.ibm.com/software/products/en/business-process-manager-family/ Version: 8.0.0.1 newest versions can also be vulnerable Vulnerability...